Access Azure Files with GMSA Account
Question
I want to have Microsoft SQL Server Agent Jobs run under a GMSA account, but they need to have access to an Azure Files container in an Azure Storage account.
Everything I've found so far points to storing the Azure Files credentials in the Windows Credential Manager under the user account for the service, but I can't figure out how to do this for a GMSA account.
Is there a way to store a set of credentials in Windows Credential Manager for use by a GMSA account, or is there another way for the GMSA account to authenticate to Azure Files?
1 answers
solution1
0 2019-02-14 19:33:04
Azure File currently supports integration with AADS. Meaning, Azure File shares can be accessible from accounts already in Azure Active Directory:
" Integration with AAD enables SMB access to Azure file shares using AAD credentials from AAD DS domain joined Windows VMs. In addition Azure Files supports preserving, inheriting, and enforcing Microsoft file system NTFS ACLs on all folders and files in a file share. "
More information can be found here The option is currently in public preview. If you were referring to Blob Storage instead(since container files was mentioned), you can check similar info in this link
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.